thisven/Website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Website/content/docs/infrastructure/nextcloud/_index.md

101 lines
5 KiB
Markdown
Raw Normal View History

Add Nextcloud documentation
2024-02-25 19:42:19 +01:00
---
title: 'Nextcloud'
date: 2024-02-25T13:48:03+01:00
draft: true
---
[Nextcloud](https://nextcloud.com/), written in PHP[^1] primarily serves as a
file sharing[^2] solution for me. Due to its extensible design it can also be a
communication hub and project management platform. If you'd like to host your
own Nextcloud take a look at [Nextcloud at home](https://nextcloud.com/athome/).
{{< figure src="img/nextcloud-logo-blue.svg" alt="Nextcloud Logo" width="25%">}}
## Basic setup
For the initial installation and basic setup instructions I refer to the
[Nextcloud — UberLab 7 documentation](https://lab.uberspace.de/guide_nextcloud)
and the [installation and server configuration documentation](https://docs.nextcloud.com/server/latest/admin_manual/installation/index.html).
After installation I navigate to *Settings* > *Overview* (of the Administration
section below) and look for security warnings. You can also use your URL in the
[official security scan](https://scan.nextcloud.com/) to check your instance.
## Security options
For further hardening I recommend changing the [User password policy](https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/user_password_policy.html)
in the *Security settings* to enforce passwords with lower, uppercase, and
numeric characters. A best practice is to limit login attempts to 5 or less and
use [Two-factor authentication](https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/two_factor-auth.html).
Another optimization is to [disable preview image generation](https://docs.nextcloud.com/server/latest/admin_manual/installation/harden_server.html#disable-preview-image-generation)
as mentioned in the official hardening and security guidance. This is achieved
by adding `enable_previews = 'false'` to the `config.php` file. The safest way
is to use the [occ command](https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/occ_command.html)
for this task:
```bash
php occ config:system:set enable_previews --value="false"
```
## Useful apps
### Audio player
When sharing music, I found that in place playback of audio files (no download)
can be enabled with [Audio Player](https://apps.nextcloud.com/apps/audioplayer).
Additionally, I use the [Metadata](https://apps.nextcloud.com/apps/metadata) app
to show file metadata (title, artist, album etc.) in the details sidebar.
### Bookmarks, Calendar, Contacts, and Notes
I synchronize my bookmarks, calendars, contacts, notes, and tasks across devices
using the following Nextcloud apps:
- [Bookmarks](https://apps.nextcloud.com/apps/bookmarks)
- [Calendar](https://apps.nextcloud.com/apps/calendar)
- [Contacts](https://apps.nextcloud.com/apps/contacts)
- [Markdown Editor](https://apps.nextcloud.com/apps/files_markdown)
- [Notes](https://apps.nextcloud.com/apps/notes)
- [Tasks](https://apps.nextcloud.com/apps/tasks)
For bookmarks synchronization I use [floccus](https://floccus.org/) as an addon
in the web browser and Android app. The calendar and contacts synchronization is
natively supported by [Thunderbird](https://www.thunderbird.net/) and the addon
[CardBook](https://addons.thunderbird.net/de/thunderbird/addon/cardbook/) can be
used to extend built-in CardDAV[^3] features. On Android I use [DAVx⁵](https://www.davx5.com/)
with the [Etar Calendar](https://github.com/Etar-Group/Etar-Calendar) app. To
access and synchronize notes and task on Android I use the official
[Notes](https://github.com/nextcloud/notes-android) app and [Tasks.org](https://tasks.org/).
### Cookbook
One of my favorites is the [Cookbook](https://apps.nextcloud.com/apps/cookbook)
app. In tandem with the [Nextcloud Cookbook Mobile Client written in Flutter](https://github.com/Teifun2/nextcloud-cookbook-flutter)
managing and sharing cooking recipes is real fun.
### Talk
The [Talk](https://apps.nextcloud.com/apps/spreed) app offers video conferencing
within Nextcloud and is backed by [eturnal](../eturnal/) in my infrastructure to
support users in NAT[^4] environments.
## Known issues
This section is about issues I came accross in relation to the interaction with
other services of my [infrastructure](../../) and documents **quick and dirty**
solutions rather than implementing secure and clean code.
### Code integrity check
If using [delegation](../matrix/synapse/#delegation), the code integrity check
introduced due to [code signing](https://docs.nextcloud.com/server/latest/admin_manual/issues/code_signing.html#code-signing-fix-warning-label)
complains about the extra file `.well-known/matrix/server` and an invalid hash
for `.htaccess`. As there is no option to exclude files by design and any code
alterations also affect the integrity check, there's currently no way to get rid
Fix formatting and spelling
2024-02-29 15:41:18 +01:00
of that error message.
[^1]: [PHP website](https://www.php.net/) by The PHP Foundation
[^2]: [File sharing](https://en.wikipedia.org/wiki/File_sharing) in the
Wikipedia
[^3]: [CardDAV](https://en.wikipedia.org/wiki/CardDAV) in the Wikipedia
[^4]: [Network address translation](https://en.wikipedia.org/wiki/Network_address_translation)
(NAT) in the Wikipedia
Reference in a new issue Copy permalink